Web servers at risk, says BKAV

BKAV on July 3 warned that a critical flaw in Remote Desktop Protocol
(RDP) across supported versions of Windows is affecting about 32
percent of the Vietnam 's Government web servers.

The
vulnerability allows attackers to remotely execute a code on an
unpatched system that is Remote Desktop enabled, the Hanoi-based company
said.

Microsoft's Remote Desktop Protocol, which is
disabled by default on newer Windows installations, allows users to
remotely connect to Windows' desktops or servers, and is widely used by
enterprises.

Microsoft in March asked system
administrators to apply its latest update as a "special priority" given
the nature of the flaw, but about one-third of Government web servers in
Vietnam are still vulnerable, BKAV said.

According to
the internet security firm, attackers may well develop a code similar
to the Morto worm that appeared late last year.

Morto infected machines using RDP and allowed remote attackers to access the file systems of a Windows PC.

"The weak management of server security in governmental organisations
is at an alarming level, which could also threaten national security,"
Nguyen Minh Duc, head of BKAV's internet security department, told
Vietnam News.

BKAV said it had sent warnings to administrators of 520 Government websites ending with.gov.vn.-VNA